const connection = require('../app/database');

class PermissionService {
    // 检查用户对资源的权限
    async checkResource(resourceName, resourceId, userId) {
        try {
            // 拼接 SQL 语句，表名使用反引号括起来
            const statement = `SELECT * FROM \`${resourceName}\` WHERE id = ? AND user_id = ?`;

            // 执行 SQL 语句
            const [result] = await connection.execute(statement, [resourceId, userId]);

            // 返回是否有结果的布尔值
            return !!result.length;
        } catch (error) {
            console.error('PermissionService - checkResource:', error);
            throw error; // 抛出异常，让调用者处理
        }
    }
}

module.exports = new PermissionService();
